• No replies
1 Post

Pinned topic Extraction of certificate identity from incoming request

‏2012-04-29T23:20:46Z |

I have an requirement for security for WESB webservices: Authentication and Authorization. In authentication step, the client is authorized using digital certificate. Hence I have configured policy set and policy set binding and attached to the service. It works fine. The second step is to authorize the requester. For authorizing, I have to extract the CN from incoming request certificate and check if the user is allowed to perform the requested operation.

I am not sure if I can extract the identity from incoming certificate. Hence I wanted to know if it is possible. If so, can you provide me some hints.